Re: [PATCH net] xfrm: prevent some integer overflows in verify_ functions

From: Herbert Xu
Date: Tue Dec 17 2024 - 07:04:26 EST

Next message: Eric Dumazet: "Re: [PATCH net] net: sysfs: Fix deadlock situation in sysfs accesses"
Previous message: David Woodhouse: "Re: [PATCH v5 07/20] x86/kexec: Invoke copy of relocate_kernel() instead of the original"
In reply to: Dan Carpenter: "[PATCH net] xfrm: prevent some integer overflows in verify_ functions"
Next in thread: Dan Carpenter: "Re: [PATCH net] xfrm: prevent some integer overflows in verify_ functions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Dec 17, 2024 at 11:42:31AM +0300, Dan Carpenter wrote:
>
> + if (algp->alg_key_len > INT_MAX) {

Why not check for UINT_MAX - 7? INT_MAX seems a bit arbitrary.

Thanks,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Next message: Eric Dumazet: "Re: [PATCH net] net: sysfs: Fix deadlock situation in sysfs accesses"
Previous message: David Woodhouse: "Re: [PATCH v5 07/20] x86/kexec: Invoke copy of relocate_kernel() instead of the original"
In reply to: Dan Carpenter: "[PATCH net] xfrm: prevent some integer overflows in verify_ functions"
Next in thread: Dan Carpenter: "Re: [PATCH net] xfrm: prevent some integer overflows in verify_ functions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]